summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2017-07-26 14:05:54 -0400
committerGitHub <noreply@github.com>2017-07-26 14:05:54 -0400
commitcff5116a1dae3c6b44afa59ae5fd08b398873945 (patch)
tree0ae9457d72a603a1f0bde8b2d3069f0a3aee1083
parent4df1ea1bb10625760910a9afc5210ceae6a20298 (diff)
parentbe594907d750477c7ef0dec9c235f0697de79070 (diff)
downloadopenshift-cff5116a1dae3c6b44afa59ae5fd08b398873945.tar.gz
openshift-cff5116a1dae3c6b44afa59ae5fd08b398873945.tar.bz2
openshift-cff5116a1dae3c6b44afa59ae5fd08b398873945.tar.xz
openshift-cff5116a1dae3c6b44afa59ae5fd08b398873945.zip
Merge pull request #4693 from enoodle/create_router_certificate_by_default
Router wildcard certificate created by default
-rw-r--r--roles/openshift_hosted/defaults/main.yml2
-rw-r--r--roles/openshift_hosted/tasks/router/router.yml6
2 files changed, 4 insertions, 4 deletions
diff --git a/roles/openshift_hosted/defaults/main.yml b/roles/openshift_hosted/defaults/main.yml
index 089054e2f..0391e5602 100644
--- a/roles/openshift_hosted/defaults/main.yml
+++ b/roles/openshift_hosted/defaults/main.yml
@@ -29,7 +29,7 @@ openshift_hosted_routers:
openshift_hosted_router_certificate: {}
openshift_hosted_registry_cert_expire_days: 730
-openshift_hosted_router_create_certificate: False
+openshift_hosted_router_create_certificate: True
os_firewall_allow:
- service: Docker Registry Port
diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml
index c60b67862..dd485a64a 100644
--- a/roles/openshift_hosted/tasks/router/router.yml
+++ b/roles/openshift_hosted/tasks/router/router.yml
@@ -23,8 +23,8 @@
signer_key: "{{ openshift_master_config_dir }}/ca.key"
signer_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
hostnames:
- - "{{ openshift_master_default_subdomain }}"
- - "*.{{ openshift_master_default_subdomain }}"
+ - "{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
+ - "*.{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
cert: "{{ ('/etc/origin/master/' ~ (item.certificate.certfile | basename)) if 'certfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.crt') }}"
key: "{{ ('/etc/origin/master/' ~ (item.certificate.keyfile | basename)) if 'keyfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.key') }}"
with_items: "{{ openshift_hosted_routers }}"
@@ -37,7 +37,7 @@
cafile: "{{ openshift_master_config_dir ~ '/ca.crt' }}"
# End Block
- when: openshift_hosted_router_create_certificate | bool
+ when: ( openshift_hosted_router_create_certificate | bool ) and openshift_hosted_router_certificate == {}
- name: Get the certificate contents for router
copy: